Apple-FBI Encryption Battle, Facebook Arrest Flash At RSA

SAN FRANCISCO -- Apple's (AAPL) encryption battle with the FBI flashed again Wednesday as Silicon Valley bigwigs largely sided with the iPhone-maker during the RSA Conference in San Francisco, Calif., saying the policies of their companies also wouldn't allow for government backdoor access.

The debate at the big annual security event also followed the arrest Tuesday of Diego Dzodan, a Facebook (FB) exec in Brazil, who refused to decrypt WhatsApp communications in compliance with a government order. Dzodan's arrest was yet another flash point in the ongoing battle. Wednesday, a Brazilian judge ordered police to set Dzodan free.

At an RSA panel discussion Wednesday Michelle Dennedy, Cisco Systems' (CSCO) chief privacy officer, said the network gear giant, per policy, wouldn't provide the government backdoor access to encrypted communications. Silicon Valley companies such as Alphabet (GOOGL), Facebook and Microsoft (MSFT) also have sided with Apple.

Congress has yet to legislate backdoors, and outdated telecom laws don't tackle the now-hot topic. The Paris terror attacks and a mass shooting in San Bernardino, Calif., have reignited the issue on Capitol Hill, where legislators are weighing privacy concerns against law enforcement needs.

In the latter case, the FBI ordered Apple to decrypt the iPhone belonging to one of the two San Bernardino shooters. Apple is fighting the order. Cisco's policy would put it in the same hot waters, Dennedy said.

"We do not intentionally build in backdoors, and we do not do business with others who do," she said. "That is our policy."

Dennedy's position was echoed throughout the discussion, entitled "Can Government, Encryption, Backdoor and Privacy Co-Exist?" Backdoor access can act as a master key to all encrypted communications within a system. Apple's engineers haven't created that key, Apple CEO Tim Cook says.

Juniper Networks Saw A Backdoor Exploited

In December, Juniper Networks (JNPR) discovered unauthorized code running on an operating system backing their firewalls that let hackers decrypt VPN-protected communications, Green said. Experts have speculated a National Security Agency random-number generator, employed by Juniper, was to blame for the exploited backdoor.

"This is the danger with backdoors," Green said. "Juniper was protecting the Department of Defense and could not keep people from monitoring their code."

"You don't need a designed vulnerability (such as with a backdoor) when there are so many other vulnerabilities being exploited on a day-to-day basis," he said. "It's so much easier for those adversaries to break into our systems and violate our privacy."

But the panelists didn't side entirely with Apple.

Marshall argued that U.S., and other, consumers have accepted the idea of reduced privacy.

Chenxi Wang, chief security officer for Twistlock and the panel's moderator, noted Apple pushed a U2 album out to millions of phones but won't hand over the keys for government access.

"Is this a double standard?" she asked.

"This is beyond a double standard," Marshall said. "This goes to the actual user and their reduced expectation of privacy. It's a dangerous, slippery slope."

Dennedy, on the other hand, argued that the young-adult millennial generation is "crying" for privacy. Everything from their individualized clothing to the use of Snapchat messaging says as much. And therein lies the opportunity, she said.

"People are trusting their commerce, their culture, their families and their communities to us (as corporations)," she said. "We have an ethical obligation to build privacy into their systems."

Her advice for companies?

"Educate your users about what they are getting into rather than assuming, because they've fallen for your monopolistic practices, that they like it."

Notice: Information contained herein is not and should not be construed as an offer, solicitation, or recommendation to buy or sell securities. The information has been obtained from sources we believe to be reliable; however no guarantee is made or implied with respect to its accuracy, timeliness, or completeness. Authors may own the stocks they discuss. The information and content are subject to change without notice.